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We propose a Calculus of Mobility and Communication (CMC) for the modelling of mobility, com¬ 
munication and context-awareness in the setting of ubiquitous computing. CMC is an ambient cal¬ 
culus with the in and out capabilities of Cardelli and Gordon’s Mobile Ambients. The calculus has 
a new form of global communication similar to that in Milner’s CCS. In CMC an ambient is tagged 
with a set of ports that agents executing inside the ambient are allowed to communicate on. It also has 
a new context-awareness feature that allows ambients to query their location. We present reduction 
semantics and labelled transition system semantics of CMC and prove that the semantics coincide. 
A new notion of behavioural equivalence is given by defining capability barbed bisimulation and 
congruence which is proved to coincide with barbed bisimulation congruence. The expressiveness of 
the calculus is illustrated by two case studies. 


1 Introduction 

Mark Weiser envisioned ll27ll^ that ubiquitous computing provides various computing devices available 
throughout the physical setting. Ubiquitous computing devices are distributed and could be mobile, and 
interactions among them are concurrent and often depend on the location of the devices. The idea of 
context-aware computing has originated in ll26l . It enables an application to adapt to the changes in its 
environment and location. Recent advancements in technology have made it possible to detect user’s 
presence or position, or to detect other entities of interest to the user. Therefore, context-awareness and 
location-awareness have become important features of ubiquitous computing environments. 

In literature, a number of formalisms and languages have been introduced for distributed and concur¬ 
rent systems. Process algebras are used to model formally concurrent systems. Structural Operational 
Semantics (SOS) is given as a standard approach of defining the semantics of a system by means of 
transition rules lfT^[T9l . Several process calculi were developed to model concurrency, communication 
and distributed systems, most notably CSP Q, CCS |[T3l and ACP fB- These process calculi have no 
primitives to describe certain aspects of behaviours of the ubiquitous computing setting, for example 
mobility and locations. The idea of mobile code has been formalised by Milner in Ti-calculus ITdl . The 
aforementioned process calculi do not represent directly physical mobility of devices and their locations 
or surroundings. 

The inspiration for our work comes from several mobile ambient and process calculi that have proved 
useful in the modelling of mobility, communication and structure of systems. The calculus of Mobile 
Ambients, MA for short, |4| is a process calculus for modelling mobile agents over wide-area networks. 
In MA the ambients represent mobile, nested, computational structures with local communication. Am¬ 
bients are named terms of the form n[P] where n is a name and P a process. 

In smart indoor settings, spatial organisation is considered an important object for providing commu¬ 
nication among various fixed and mobile sfrucfures. Despife fhe advances in fhe ubiquitous and mobile 
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computing, it is fundamental to formally model physical mobility of devices and interactions among 
mobile agents that may communicate globally. Communication in such settings could be global, which 
means that agents may interact with subagents inside other agents. Moreover, the structures in such set¬ 
tings may be mobile, and may need to have knowledge of their current location and surroundings. In 
order to model such attributes of ubiquitous computing, this paper presents a Calculus of Mobility and 
Communication (CMC). In CMC, mobility, global communication and location-awareness are consid¬ 
ered as first class entities. According to [4|, MA was proposed to model mobility and locations that could 
not be modelled directly by other traditional calculi like Milner’s Calculus of Communicating Systems 
(CCS), therefore we model locations and mobility as in Mobile Ambients. In MA, ambients may enter 
or exit named ambients by their in n and out n capabilities. The ambient’s open capability dissolves 
its boundary so that the communication may take place locally. We do not use the open capability in 
this paper since we introduce a new mechanism of global communication. CMC aims at adding global 
communication as in Milner’s CCS. To achieve this we define ambients as m^lP], where m is the name of 
the ambient, A is the set of ports that m is allowed to communicate on, and P is an executing agent. This 
helps in modelling the globally communicating mobile agents in the setting of ubiquitous computing. 

We develop Structural Operational Semantics for ambients mobility and reuse the CCS rules with 
an additional rule to introduce global communication. As in MA, we also show ambients mobility by 
means of a reduction semantics. For global communication, in contrast, it would be a challenge to find 
simple and intuitive reduction rules since (global) communication can happen via an arbitrary number 
of ambients that could be located far-away in the structure of a term, and it depends on whether or 
not all these ambients allow the communication. This is however unsound and could derive reductions 
matching no corresponding transitions. We also develop a new notion of behavioural equivalence for 
our calculus, and formulate the equivalence in terms of a-transitions and observation predicate, inspired 
by iSlITOl. Thus, we define barbed bisimulation and congruence, and capability barbed hi simulation 
and congruence, we then prove that the respective congruence relations of the two forms of barbs imply 
each other. The work on behavioural equivalence is still in progress, and the recent advances in the 
behavioural semantics theory of mobile ambients, as in ifTOlfTTTl . should be useful. 

Context-awareness is an essential paradigm of ubiquitous computing environment that makes appli¬ 
cations adaptive with their surroundings, and enables processes to be aware of the setting in which they 
are being executed. Therefore, we further extend the syntax of the calculus and add a context-awareness 
mechanism by introducing two capabilities to it. The new capability ploc(x).P allows an ambient to ac¬ 
quire the name of its parent, whereas sloc(x).P enquires the sibling’s name of an ambient. This feature 
empowers ambients to have knowledge of their current location and surroundings. 

The rest of the paper is organised as follows: We introduce our basic calculus, CMCb, in Section |2] 
where its reduction semantics and labelled transition semantics are given. We show that the two types of 
semantics coincide for an appropriate sub-calculus of CMCb. In the same section we define behavioural 
equivalence for the calculus. Section [3]presents intelligent hospital case study to illustrate the usefulness 
of CMCb. Section |4] extends CMCb to CMC with the ploc(x) and sloc(x) capabilities. We present 
operational semantics for the new capabilities and argue that the semantics coincide. In Section [5] we 
give a shopping mall case study to illustrate the usefulness of CMC. Sectioncontains conclusions. 


2 A Calculus of Mobility and Communication 

We introduce the syntax of the basic part of CMC, denoted by CMCb, in Tables [T] and |2l Informally, 
CMCb inherits its syntax from MA and CCS. The syntax allows global communication among ambients 
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Names : 

Actions : 

Variables : 

mA,nB,kc... G 

a,j8,... G Act = xVLi {t} 

x,y, ... G AC 



Processes : 

P,Q:-.= D 

1 C.P 

a(z).P 

a{x).P 


1 mA[P] 

1 P + Q 

1 P\Q 

{vmA)P 


1 {yi)p 

1 P[f] 



Capabilities : 

C ::= V 

1 P 

e 

C.C 


Table 1: Syntax of CMCb 


that could be mobile. We assume that ^ is an infinite set of port names, which is ranged over by a,b,c, 
and the set of co-names, denoted by is ranged over by d,b,c. We set ^ C and let A,B,C 
range over it. An infinite set Act comprises all possible actions that an agent can perform and a,j8 range 
over it. Act also includes T, which is a single completed action of composite agents. So Act = .if U {t}, 
and the typical subsets of a are A,B. The set of agent constants JC is ranged over by D and E, and the 
deadlocked agent 0 is a member of JC. In our syntax the variable z in a{z).P can be replaced by a value 
from aset'E, which may contain the capabilities as defined in Table [T] 

For the mobility part of CMCb syntax in Table [H we assume an infinite set of ambient names JA 
that is ranged over by mA,nB and kc, where A,B,C C £/ U ^. We define our ambient as a term nufF], 
where, m is the name of the ambient, A is the set of ports that ambient m is allowed to communicate 
on, and P is an executing agent. When ambients allow communication on all visible ports then we shall 
write m[P] instead of m^fP]. Other ambient constructs that are inherited from MA are {vm)P, C.P and 
C.C'. An ambient restriction {vm)P executes process P with a private ambient named m. In C.P, the 
process P cannot start execution until the prefix capability C is performed. The capability p in Table |2] 
allows ambients to perform certain actions, namely in and out, whereas C.C represents a sequence of 
capabilities (path) when input variable represents one or more of these capabilities. The empty path is 
represented by e. 

We further borrow the constructs for agent constants, action prefixing, parallel composition, sum¬ 
mation and action restriction from Milner’s CCS or the Ti-calculus |[T3l[T4l . The agent constant D has 

def 

a unique equation of the form D = P where P is an agent that may contain agent constants. The agent 
constants can also be defined in terms of each other. d{x) and a{z).P sends or receives a message on port 
d and a respectively, and then execute P. The received message can be any value v G F, and is bound 
to the variable z in P. Parallel composition is given in terms of a binary operator, P | Q, and summation 
is given by the choice operator P + Q that allows either process P or process Q to execute. In (vZ)P the 
port labels I or 1 are restricted in P, where I G .if. In a relabelling P[f], P is a process with the relabelling 
function / applied to its action labels. Finally, we have the set of terms T{L,V), where V is the set of 
process variables, and T (£), the set of closed terms (agents or processes) ranged over by P, Q. 

2.1 Reduction Semantics of CMCb 

The reduction semantics is formalised by two concepts: the structural congruence relation, =, and the 
reduction relation —We follow the definition in llTOll . 

Definition 1. A relation over processes in a process calculus is contextual, if it is preserved by all the 
operators in the process calculus. A relation over processes in a process calculus is p-contextual w.r.t 
a set of operators Op, if it is preserved by all the operators in the set Op. 
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Ambient Prefixes : 

p : 

:= inns 

outnB 



Action Prefixes : 

a : 

:= a{z) 

1 

T 


Ambient Actions : 

A : 

:= enter nB 

movenB 

exit nB 

P 

Labels : 

£ : 

:= p 

a 

X 

T 

Outcomes : 

0 : 

:= P 

K 



Concretions : 

K : 

:= {vm){P)Q 





Table 2: Prefixes and labels 


We denote the set of all names occurring free in P by fn{P). 

Definition 2. Structural congruence, =, over CMCb processes is the least p-contextual equivalence re¬ 
lation w.r.t the set of operators Opi = {v, [, [/],nB[ ],C.,a.}, where C and a are in Tables [T] and |2j that 
satisfies the following axioms: 


P\Q^Q\P 

(ParComm) 

A = P ifA = P 

(Const) 

{P\Q)\R = P\{Q\R) 

(ParAssoc) 

{vnB){P 1 2) 1 (vnB)2 ifnB ifn{P) 

(ResPar) 

P\0 = P 

(ZeroPar) 

{vnB){mA[P]) = mA[{vnB)P] if n^m 

(ResAmb) 

P+Q=Q+P 

(SumComm) 

{vnB){vmA)P = {vmA){vnB)P 

(ResRes) 

{P + Q)+R = P+{Q + R) 

(Sum Assoc) 

{vnB)0 = 0 

(ZeroRes) 

P + 0 = P 

(Zeroldentity) 

e.P = P 

(Epsilon) 


Definition 3. The reduction relation, —over CMCb processes is the least p-contextual relation w.r.t the 
set of operators Op2 = {v, |,nB[ ]} that satisfies the rule and axioms in Tabled 

mA[in ng.P \ Q] \ ««[/?] ^ nB[mA[P | 2] | /?] (Red In) 
nB[mA[out nB-P | 2] I R] “^ | 2] I «e[R] (Red Out) 

P^Q,Q^Q',Q'^P'^P^P' (Red=) 

Table 3: Reduction axioms and rule for CMCb 

The axiom Red In in Table [3] shows how an ambient itia may enter into an ambient ub by the virtue 
of its in hb capability. The reduction transforms ma, which is a sibling ambient of ug, into a child of ug. 
The axiom Red Out describes emigration of an ambient ma from an ambient hb by performing the out ns 
capability. The reduction transforms which is a child of to a sibling of ub- 

2.2 Labelled Transition System for CMCb 

A labelled transition system (ITS) is a tuple {S,L,{\\ I G L}), where 5 is a set of states, L is a set 

of transition labels, and \ are transition relations, one for each / € L. The LTS for CMCb is given 
as follows: The set of processes of CMCb is the set of states, the set of labels a as in Table |2] is the 
set of transition labels, and the transition relations A are defined by Plotkin’s Structural Operational 
Semantics (SOS) |[T9ll rules in Tables |4] and [S] In our semantics P ^ Q represents not only binary 
communication of processes as in CCS but also mobility of ambients by means of their in ns and out ub 
capabilities. In order to model mobility by T-transitions additional labels and auxiliary terms are used. 
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namely labels A and concretions K in Table [H So we will need auxiliary transitions P \ O, where P is 
a process, A is a label and O represents an outcome in Table HI which is either a process or concretion 
of the form {vm){P)Q as introduced by Milner |[T4l and used by Merro and Hennessy ifTOl . We adopt 
the following convention after iflOl . If K is the concretion vm{P)Q, then vuK stands for v{wn){P)Q, if 
u G fn{P), otherwise vm{P)vu{Q). A similar convention is followed for A-Par in Table|5l We define 
A' I P' as the concretion vni{P){Q \ P') where using a-conversion if necessary, ni is selected in such a 
way that fn{P') n m = 0. 


in ng 


(Act) 


pt.p A p 


(Enter) 


P' 


mA[P] {mA[P'])Q 


(Co-Enter) 




move hb 


{P)0 


enter riB 


(T-In) 


{vp){P')P" 


Q {vq){Q')Q'' i. 


P\Q ^ {vp){vq){nB[P' \ Q']\P" \ Q") 


out nB 


(Exit) 


P' 


exit nB 


mA[P] {mA[P’])0 


(T-Out) 


{vm){P')P" 


ub[P] ^ {vm){P' I nB[P'']) 


Table 4: Transition rules for mobility. Conditions (*) and (**) are defined as follows: 

(*) ifniP')Cfn{P''))r\q= ifn{Q')U fn{Q”))r\p = 0 and (**) {fn{P')[Jfn{P''))r\ni = 0 


(A-Par) 


P \ O 


p\Q^o\q 


(*) 


(A-Res) 


p \o 


{u^fn{X)) 


(T-Amb) ■ 


P' 


nA[P] 4 nA[P'] 


(Struct) 


{vu)P {vu)0 

P^Q Q^Q' Q'^P' 

P \ P' 


Table 5: Transition rules for other operators of CMCb- Condition (*) says that the definition of A is 
extended to include also a T. 


A 

Transitions P —>• 0 are not first class transitions; they are only helpful in SOS rules that define T- 
transitions of processes corresponding to the movement by in nB and out nB capabilities. 

Communication in CMCb is defined as in CCS, so in addition to the SOS rules in Tables |4] and |5l we 
have the SOS rules for CCS as in |[T3l (also in Appendix EJl and the following Global-Corn rule: 

p A p' — 

(Global-Corn)- {a ^ z and if {a = a{x) or a = a(x) for some a) then a ^A) 

maIP] a maIP'] 

Global-Corn allows ambients to communicate globally only on ports a ^ A. Recall that when ambients 
allow communication on all visible channels then we shall write m[P] instead of niA[P]- 

Next, we discuss some reductions and at the same time explain how auxiliary labels and transitions 
are used in defining mobility transitions. We assume mA[innB.P] | 2 | ^^[P] for some P, Q and R. 

The ambient for some A, has the capability to enter an ambient ns for some B. By Red In axiom 
in Table [3] we have, 

mA[innB.P] \ Q \ ^^[P] —^ nB[mA[P] | P] | 2- 
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We now derive the T-transition of my^[inns.P] \ Q\nB[R] hy T-In rule in Table |4l For simplicity, we 
assume that there are no private names in Q and R. We have in ns-P P. When the migration occurs, 
we must identify the moving ambient ma, and the agent that is left behind. To model these two agents 
we use concretion vm{P)Q, where P is the agent that moves, while Q is the agent that stays behind, 
and m is the set of private names shared by P and Q. We introduce a new action enter and have 
mAlinng.P] (m^[P])0. By A -Par in Table |5] we obtain mA[innB.P] \ Q (ni^[P])(0 \ Q) ^ 

{mA[P])Q. 

Next, to achieve the T-transition there must exist a sibling ambient ng. We define a new action 
move nB for ng to complete this interaction. By T-In we get, 

niAlinnB.P] \ Q \ nsfP] -4 nB[mA[P] \R]\Q- 

After the transition the ambient ma, becomes a child of ng. 

Next, we explain emigration capability by considering mA[nB[out ma-P] \ Q], for some P and Q where 
Q has no private names. The ambient ng may emigrate from by its out mA capability. By Red Out we 
have, 

mA[nB[out mA-P] \ Q] ng[P] | mA[Q\. 

We derive the T-transition of /«^[ng[oMt mA-P] \ Q] by T-Out. We define a new acfion exit mA, and by 

Exit in Table|4]we get ng[oMt mA-P] (ng[P])0. By A-Par we get ng[oMt mA-P] ] Q {nB[P])Q, 
which shows that when this capability is exercised ng[P] moves out, while the process Q remains inside 
mA- By T-Out we have, 

mA[nB[out mA-P] ] Q] -4 ?ig[P] | nu[G]. 

After the transition the ambient ng, becomes a sibling of m^. 

2.3 Results 

In this subsection we show that the LTS semantics (SOS semantics) coincides with the reduction seman¬ 
tics for a sub-calculus T' of CMCb that consists of all operators of CMCb apart from the prefixing with 
actions (including t) operators, the choice operator and the relabelling operator. 

Since we have developed operational semantics for the mobility part of CMC, therefore we intu¬ 
itively restrict equivalence between the operational semantics to a subset of the calculus, and prove the 
soundness and completeness of the semantics. Soundness ensures that for every reduction of a T' term 
there is a valid T-transition of the term, and the target of the T-transition is congruent to the target of the 
reduction. Completeness ensures that for every valid T-transition of a T' term there is a valid reduction 
of the term, and the targets of the T-transitions and the reductions are the same. 

Theorem 1. (a) VP, P' G P'. P ^ P' ^ 3 2 € A'. P 4 2 = P’■ (b) VP, RgT'-P ^ R^ P ^ R. 

Proof- By transition induction where we consider cases of reductions or transitions of terms depending 
on the structure of the terms. The proof of part (a) is straightforward, whereas to show part (b) & number 
of auxiliary lemmas are required, similarly as in lITOl . Given a transition P ^ O, where A is as in Table 
121 these lemmas state the structure of terms P and O- For example, for ambient entering capability we 
require the following lemmas: 

Lemma 1. If P vp (P')P" then P = vp {kA[in ng.Pi | P 2 ] | P 3 ), P' = ^a[A | ^ 2 ] and P" = P 3 , for 

some Pi ,P 2 ,P 3 , Ua with ng 0 p, where p is a set of private ambient names in P. 
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Lemma 2. If Q vq {Q')Q'' then Q = vq (?ib[2i] | Qi), Q' = Qi and Q" = Q 2 , for some Qi,Q 2 , 

with hb 0 q, where ^ is a set of private ambient names in Q. 

The detailed proof of Theorem[T]is given in |61 (Section 4.2). □ 

2.4 Behavioural Semantics 

We develop an appropriate notion of behavioural equivalence for CMCb- All processes and context 
mentioned in this section are from our calculus CMCb- We formulate the equivalence in terms of a- 
transitions (A-), for a E a{z),b{z),in mA,out mA,x, for all a,b,m,A, and observation predicate as in 
imiTOl. We write P to denote the presence of ambient ha at the top level, in the other words process 
P may interact with the environment via ha- We write P if after some number of T-transitions, the 
process P exhibits ua at the top level. 

Definition 4. (Barbs) 

def 

P \-nA — P ^ vm{nA [A] I ^ 2 )) where ha for somePi, P 2 and 
p ^ nA‘^- p ^ Q Q W for some Q. 

Definition 5. (Barb Preserving) 

A relation R over processes is said to be barb preserving if P RQ and P implies Q . 

Definition 6. (Context) 

A context is a process with zero or more holes [•]. A hole [•] in a context is replaced by at most 
one occurrence of a process. A context '^[•] with a hole [•] replaced by a process P is denoted by '^[P]. 

Definition 7. (Contextual Equivalence) 

Processes P, Q are contextual equivalent, denoted by P ~ 2, if for all contexts '!§’[■] and ambient names 
nA, "^[P] Ua implies ^[Q] Ua- 

Since we are considering weak equivalence, we provide the notion of weak actions as follows. We 

T T 

write a E Act (recall that T E Act) . We write for the reflexive and transitive closure of —)■, where — 
specifies exactly the T-transition. specifies at least a T transition, a is a sequence obtained by deleting 
all occurrences of T actions, note that f = e. Furthermore, ^ is =4>, an empty sequence of T-transitions, 

■ a . a „ , 

and ^ IS =>, for a^i. 

We define two forms of barbs; one at ambient level whereas another for ambients capabilities. They 
give rise to (a) barbed bisimulation and congruence, and (b) capability barbed bisimulation and congru¬ 
ence. We then show that the respective congruence relations imply each other. 

Definition 8. (Barbed Bisimulation and Congruence) 

A relation S is a barbed bisimulation, if it is symmetric and if (P, Q) £ S then for all a E {a{z),b{z), 
in mA,out ma}, 

- if P 4 P' then Q ^ Q' and (P', Q') E 5; 

- ifPi„^ then 2 

Processes P and Q are barbed bisimilar, P ^ Q, if (P, Q) £ S for some barbed bisimulation S. P and Q 
are barbed congruent, P = 2> if for all contexts ‘^[•], ^[P] ~ ^[2]- 

Definition 9. We write P if P P' for some P', where jS £ {in nA, out nA, enter nA, move nA, exit nA } - 

We write P if P A P' 4 P" for some P' and P". 
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Definition 10. (Capability Barbed Bisimulation) 

Let L = {in nA,out enter UA^niove n^^exit n^}, and let j3 € L. A relation is a p-barbed bisimulation, 
if R is symmetric and if {P,Q) € R then for all a € {a{z),b{z),in nA,out 

- if P 4 P' then Q ^ Q' and (P', Q') € P; 

- ifPi |3 thenQi{p. 

P and Q are j 8 -barbed bisimilar, P Q, if (P, Q) ^ R for some j 8 -barbed bisimulation R. P and Q are 
barbed congruent, P =p Q, if for all contexts "^[P] ^[2]. 

We now prove that two congruence relations, namely barbed bisimulation congruence and capability 
barbed bisimulation congruence imply each other. 

Theorem 2. Let P,Q£ CMCb- Then, P ^ g iff P g for all ng. 

Proof. We consider a case where j8 = move ng, and show that P = Q implies P =move hb Q for P: Q 
and ng. 

Assume that P = Q and P JJ-^ove «b^ and we will show Q JJ-^ove ng ■ We define a context [•] as follows: 

dpf 

= VmA{[-]) I Va{kc\in ng.out ng.a.O] \ a.mA[P]), with a ^ B and a £C 
Global communication is very useful in the definition of context It acts as a guard and the 

context may interact with the environment via corresponding guarded ambient if the guard is satisfied. 
Before we continue with proof of Theorem [2j we shall need the following lemma. 

Lemma 3. For and kc fresh in an agent R, R fmove ng iff [P] ■ 

Proof We show, R i^move «g implies [R] 

By Definition |9l R JJ-moveng implies R ^ R' R" for some R!,R". Since R JJ-moveng is valid, we 

obtain R —R - > R . 

We consider R' R". By Lemma|2l if P' vr{Q')Q'' then R' = vf (^^[Pi] | P 2 ) and P" = 

vr{Q')Q", where Q' = R\ and 2" = P 2 . We now have, 

^\\R'] = [vf(nB[Pi] I P 2 )] = VmA(vf(nB[Pi] | P 2 )) \ Va{kc\in ng.out ng.a.0] | a.mA[P]) 

Since by (*) in T-In in TablelH the members of rare not free names in va{kc[in ng.out ng.d.O] \ a.mA[P]), 
and a ^fn{vmA{vr{ng[R\\ \ P 2 ))), the process ^i[vf(nB[Pi] | P 2 )] executes as follows 

vavr{vmA{ng[kc[out ng.a.Q] \ Pi] | P 2 ) | a.mA[P]), 

[kc mA acuA kc ^ f) and (a 0 /?i(P 2 ) and f n^(P) = 0 ) (T-In) 

VaVr{vmA{ng[R\] \ P2 | kc\d.O]) \ a.mA[P]) (T-Out) 

vavr{vmA{ng[Ri] \ P 2 | 4[0]) I niA[P]) (Global-Corn) 

We need to show ^1 [P] which by our predicate definition, means ^1 [P] —[P'] j ^rid [P'j f^A 
means '^1 [P'j = vm(mA[Pi] | P 2 ) for some Pi,P 2 ,m. When P 2 = vniA(nB[Pi] | P 2 | 4[0])) wrA[Pi] = >nA[P] 
and m = vavr, then we obtain [P'] = vavr{vmA{ng[R\] \ P 2 | 4[0]) I wia[P])> which implies ^i[P']U. 

Since P ^ P' we obtain [P] ‘ifi [P']. Since [P] 4- [P'] and [R']imA^ we obtain [P] as 

required. 
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We now show, [/?] implies R ij-move ng 
Since [/?] 11^^ means [/?] —[/?'] for some R', we have 

'io\[R] = Vmj^{R) I va(A:c[m ng.out n^.a.i)] \ a.m^[P]) 

Here, [P] may interact with the environment via the ambient only if, after some T-transitions, niA 
exists at the top level. Therefore, R^R' and we obtain 

VniA^R') I Va{kc[in ns-out ngM-O] \ a.mA[P]) 

def 

Since we define predicate {R' 4,„g) as P' = P' = vq{nB[Q\] \ Q 2 ) for some Qi,Q 2 .,and ub ^ we 
obtain 

VmA{R') I Va{kc[in ns-out nB-d.O] \ a.m^lP]) ^ VmA{R') \ Va{kc^] \ mA[P]). 

Since after a number of T-transitions we have niA at the top level of context ^ 1 , so ^i[P'] may interact 
with environment via itia and we obtain ^i[P'] ifniA- Since ^i[P] —^i[P'] and 'ipi[R'] we obtain 

Since we have P' = vq^nslQi] \ Q 2 ), we show as follows: 


A-Res 
Struct 


Co-Enter 
A-Par- 


«b[2i] 


nB[Q\] I Qi 


move riB 


move ng 


{nB[Qi])0 

(«B[ei])(o|<22) 


Vq{nB[Qi] I Ql) Vq{nB[Qt]){0 \ 62) ^ VgW[!2i])!22 

yqinBlQi] I < 22 ) V^(n4ei])e2 


□ 

Now we return to the proof of Theorem |2l Since P J|,nm'e«s we get, by Lemma [3l "Ai [P] Since 
P = Q, we obtain ^i[P] = ^i[2], for context Then since ^i[P] = ‘^i[2], ^i[P] JJ-m^ gives us 

[2] JIma- Finally, by Lemma [3l % [Q] JI^a implies Q ij-move ng as required. 

Next, we show the right to left implication, namely P =moveng P = Q for all P, Q. Assume that 
P =moveng Q and P Ama* and we will show Q We define fhe confexf "AAf-] as follows: 

def 

‘^^ 2 [■] = VnB([-]) I va(/:c[m ntA-out inA-d.O] \ ^.^^[P]), wifh a and a £C. 

Lemma 4. Lor kc and hb fresh in an agenf P, P JJ-^a iff ^1 [P] -Amoveng- 

Proof. Since fhe proof is very similar fo fhe proof of Lemma [3] if is omiffed. □ 

Since P Ama Lemma H gives us ^ 2 [P] Amove«g- Since P =moveng Q, we obfain ^ 2 [P] =movenB ^ 2 [2] 
for confexf ^2[-]- Nexf, since ^2[P] =movenB ^ 2 [2], ‘^2[P] Amove ng giVBS US ^2[2] Amove «g- HcnCC, by 
Lemma m ^2 [2] Amove «g implies Q AmA as required. □ 

Conjecture 1. We conjecfure thaf Theorem |2] will hold for fhe ofher capabilifies, namely enter ub and 
exit Ub of CMCb. 
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3 Intelligent Hospital Case Study 

This case study illustrates the usefulness of CMCb in the given problem domain. Agents’ mobility and 
global communication features are modelled in a scenario where services follow mobile ambients, and 
server supplies services globally to appropriate device provided that the receiving ambient is at the same 
location as the device. 

We consider a hospital building and a doctor who moves around the building and helps patients. 
While dealing with patients, he may need to use information displayed on screens that are fixed around 
the building. We assume that an independent server communicates globally with the doctor and with the 
screens around the building. The purpose of this case study is to model services following the doctor 
around the building, more specifically fo ensure fhaf informafion is shown only on fhe screens of fhe 
rooms where fhe doctor is presenf. 

An ambienf k represenfs the building. The ambient k contains ambients dvK and wl which represent 
the doctor’s room and the ward respectively. K and L are sets of communication ports, where b,c\ € K 
and b,C 2 G T. This means that the ambient drK can communicate at least on ports a and ci and the 
ambient wl can communicate at least on ports a and C 2 - Furthermore, there are two fixed screens scrA^ 
and scrA 2 in dr^ and wl respectively. A\ and A 2 are fhe sefs of communicafion ports, where ci G Ai and 
C 2 G A 2 , buf Cl 0 A 2 and C 2 0 Ai. Finally, fhe docfor is represented as an ambienf ds for some B wifh 
a,b G B. 

Initially, the ambient ds is in the doctor’s room drK, he then moves to the ward wl and starts using 
services on the screen ^cr^j ■ The graphical representation of our setting is given in Figure [2 The 
ambients are represented by boxes, whereas dashed lines represent the communication channels. Next, 
we define our agenfs as follows: 



Figure 1: Infelligenf Hospifal selling 

Agenfs Server and S are given below, where / is a finite sequence of values, vi , V 2 , ■..,Vk, for some k: 

dcf 

Server{v:l) = b{x). if {x = drK then ci{v).Server{1) 

else ifx = wi then C 2 {v).Server(1) else Server{v : 1)) 

Server{e) 0 S s[Server{l)\ 

Agenfs Screen,n and Scr^ for m G {1,2}, are defined as follows: 

Screen,,, ‘^= c„,{x).d{x).Screenm Scr,„ ^ scrA„\Screenm\ 

The agenl ScrA„, receives an inpul x from fhe server on c,,, and oulpuls x on a. Since a ^ B, fhe agenl 
Doc, defined below, is able lo view x via porl a. 
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Finally, we define agents Doctor and Doc as follows: 

def — 

Doctor{p,l) = b{p).a{x).Doctor{p,x : 1) 


+out p.b{k).inr.b{r).a{x).Doctor{r,l) p,r & {drK,WL} and r ^ p 



We use p to represent the initial location of Doc, here p = drK- When Doc leaves p by performing out p 
capability, his new location becomes k. He now may enter r by in r, and send his location to Server. In 
this particular situation, r = wl since r ^ p and p = drK- 

The Intelligent Hospital system is represented by the parallel composition of the server and the 
building, which contains doctor’s room, ward, the doctor and two screens: 


S I k[drK[Doc \ S'cri] | wi[Scr2] ] 


For simplicity we assume that the server S sends only a single piece of information, namely I = v : e 
for some v. Initially Doc is in drK and S wants to send the value v to Doc via either Scr\ or Scr 2 . There 
are two possible sequences of execution of the Intelligent Hospital system. These sequences are: 




In the first sequence. Doc sends its location drK to S on port b, the server in response sends v to Scr\ 
on port Cl, and then Doc views v via port a. These interactions are indicated by appropriate labels that 
annotate the zs of this sequence. In the second case. Doc leaves the drK and enters the ward by its out drK 
and in wl capabilities. It sends its current location to S on port b after executing every move capability. 
The server in response sends v to the Scr 2 on port C 2 , and then the screen displays v to Doc on port a. 

4 Adding Context-Awareness 

In this section we extend the calculus even further by adding a context-awareness mechanism. In smart 
indoor settings, location is considered an important entity for providing communication among various 
portable and static structures. We consider location as one of the most typical forms of context, and 
propose a location-awareness feature, by introducing new constructs ploc{x) and sloc{x), that query an 
ambient’s parent and sibling names respectively. 

We add ploc(x) and sloc(x) to CMCb, finally giving our full calculus CMC. The definition of p in 
Table[2]is extended to include further ploc(x) and sloc(x). Also, the definition of A in Table[2]is extended 
to include further auxiliary labels plocl(z), slocl(z) and amb ns- 

4.1 Reduction Semantics for CMC 

The reduction semantics of CMC is given in terms of the structural congruence relation, =, and the 
reduction relation, The axioms for ploc{x) and sloc{x) are given in Table[6] 


niA[nB\ploc{x).P I 2] I ^ mA[nB[P{x ^ uia} | 2] I (Red Ploc) 

atj\p] I nB[sloc{x).Q \ 5] niA[P] \ nB[Q{x •(— niA] \ 5] (Red Sloe) 

Table 6: Reduction axioms for ploc and sloe 


Structural congruence, =, for CMC processes is as in Section |2] where capabilities C include addi¬ 
tionally ploc(x) and sloc(x). The reduction relation, —)>, for CMC processes is as in Definition |3] except 
that it satisfies additionally the axioms in Table 
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(Act-Ploc) ■ 


ploc{x).P ^P{x •(— z] 


{z doesn’t appear in P) 


(Plod) 


nB[P] 


plocl{z) 


(bbIPDO 


p '"d’ vp{p')Q p' "d’ p" 


(**) 


mA[P] {vp)mA[P”{z-^mA} \ Q]) 
Table 7: SOS rules for ploc. Condition (**) is as in Table |4] 


4.2 SOS Semantics for ploc and sloe 

The SOS rules for ploc{x) and sloc{x) in Tables |7j [8] and [5] As before, we use concretions in our 
rules. We illustrate reductions and transitions associated with the ploc(x) capability by considering 
mA[nB[ploc{x).Pi I P 2 ] I Q], where hb is a child of tua and Pi, P 2 and Q are some processes. We as¬ 
sume for simplicity that P 2 and Q have no private names. The construct ploc{x) enables np to find 
out the name of its parent (here and pass it to P via .r. By the reduction rule Red Ploc we get 
tnA[nB[ploc{x).Pi I P 2 ] I Q] —)• mA[nB[Pi{x ^ ma} \ P 2 ] \ Q], where Pi{.r ^ma} denotes process Pi with 
all occurrences of x replaced by niA. 

Now we show how to use T-Ploe in Table |7j The T-Ploe rule uses the notion of lookahead as, for 
example, in (241. In order to derive a T-transition of mA[P] we need to ensure that P contains an ambient 

enquiring parent’s name. This is achieved by P vp{P')Q where P' contains this ambient. The 

agent P' then perform ploc{z) to substitute the parent’s name: P' p"_ Hence P' is used both on the 

right-hand side and on the left-hand side of the premises in T-Ploe, so T-ploe has a lookahead. 

Now, to derive the T-transition of mA[nB\ploc{x).Pi \ P 2 ] | Qj we must identify the ambient enquiring 
parent’s name. To achieve this we introduce a new action plocl(z) and by Plod we obtain nB[ploc{x).Pi \ 

P 2 ] {nB[ploc{x).Pi I P2])0. By Par-Plod we have 

nB[ploc{x).Pi I P 2 ] I G {nB[ploc{x).Pi \ P2])(0 | Q), where z ^ fn{Q) (A) 

Transition lAl matches the first premise of T-Ploe for the agent m^[ng[pZoc(x).Pi | P 2 ] | Q]. 

Now, nB\ploc{x).Pi I P 2 ] must be able to perform the capability ploc(x), thus giving the right-hand side 
premise of T-Ploe: 


nB[ploc{x).Pi I P 2 ] nB[Pi{x ^ z} \ P 2 ], where z ^ /n(P 2 ) (B) 

Since we have 0 and |Bj by T-Ploe we obtain 

mA[nB[ploc{x).Pi I P 2 ] I Q] A mA[nB[Pi{x ^ z} \ P 2 ]{z ^ wia} | 0 | G] 

= mA[nB[Pi{x ^ z} I P2]{z ^ nu} | G] 

Since z does not appear free inP 2 by rules for substitution, the transition is as required: niA[nB[ploc{x).Pi \ 

Pi] I G] -A mA[nB[Pi{x ^ ma} I P2] I G] 

We now consider the correspondence of the reduction semantics and the operational semantics for 
CMC. Let T'” be a sub-calculus of CMC that consists of all operators of CMC apart from the prefixing 
wifh actions (including t) operafors, fhe choice operator and fhe relabelling operafor. We easily have fhe 
soundness part of fhis correspondence befween fhe fwo semantics: 

Theorem 3. VP, P' G T'". P ^ P' ^ 3 G G T'” ■ P ^ Q = P'. 

We conjeefure fhaf fhe completeness par! of fhe correspondence befween fhe operational semanfics 
and reduefion semanfics is also valid. The proof relies on several auxiliary lemmas. For example, if 
A = ploc\{z) then the lemma for A is: 
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(Act-Sloc) 


(Slocl) 


sloc{x).P ^P{x-^z\ 


{z doesn’t appear in P) 


niAlP] {mA[P])0 

slocli 


(Sib-Amb) 


n„[P] P 


(Par-Amb) 


p vplP')P''' P' P” Q Q' 

(T-Sloc) -;- (*) 


p a 'rib tiB p, 
p I Q p, 


P\Q^vp{P''{z^nB}\P'”)\Q 

Table 8: SOS rules for sloe. Condition (*) is as in Table|4] 


Lemma 5. If P (vp) {P')P'" and P' ^—> P", where variable z does not appear in P, then P = 

vp{nB[ploc{x).Pi I P 2 ] I P 3 ), P' = ?iB[p/oc(;r).Pi | P 2 ], P”' = P 3 and P” = nB[Pi{x ^ z\ \ P 2 ] for some Pi, 
Pi, P 3 , ub with hb ^ p, z ^ fniPi) C fn{P-i) and p a set of private ambient names in P. 

5 Interactive Shopping Mall Case Study 

This case study illustrates the usefulness of global communication, in ns, out ub, and ploc(x) features 
of CMC. The shopping mall consists of a number of retail outlets, clients and personal digital assistants 
(PDAs). To offer clients a high level of services, there is a server that delivers services to clients on 
requests via PDAs which are distributed inside the mall. The tree representation of the shopping mall 
setting is given in Figure |2j where the initial setting is given on the left-hand side and the final setting 
is on the right hand side. In this figure, fhe ambient sm is the shopping mall with two retail outlets m 



c 


Figure 2: Interactive Shopping Mall settings 

and n. For simplicity we have only one client and one PDA, represented by the ambients client and pda 
respectively, which are inside m. 

Scenario: The client wishes to move from her current location m to a target location n inside the mall. 
She picks up a pda and sends the two locations to the server and requests for the path from m to n. The 
server generates this path as a sequence of capabilities and delivers it to the client via pda. 

We define our seffing as follows where C', P' and S' are some processes: 

vabc {sm[m[client\ploc(x).d{x,n).a{u).u.C' \ pda[a{yi,y 2 ).b{yi,y 2 ).c{z).d{z).P']]] |n[]] | 

server[b{xi ,X 2 ).c(j>ath{T,xi ,X 2 )).S']) 
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Here, path{T,xi ,X2) is a function that calculates a path between the source node xi and the target node X2 
in a given tree T. The only possible execution sequence from this state is S" for 

some S". In this sequence client acquires parent’s name by ploc{x) and sends her source and the target 
locations to server via a. The server in response calculates the path (m,n) between the two locations and 
delivers it back to the client. In this particular case, the path calculated from m to n is out m.in n. Now the 
system has the form S" = vabc {sm[m[client[out m.in n.C' \ pda[P']]] | ]] | server[S']). After executing 

out m.in n the final state of the system becomes vabc {sm[m[ ] \ n[client[C' \ pr/a[P']]]] | server[S']), and 
is represented on the right hand side of Figure |2l 


6 Conclusion and Related Work 

We have proposed CMC for the modelling of mobility, communication and context-awareness in the 
setting of ubiquitous computing. The notion of ambients mobility has been modelled by the in ng and out 
ub capabilities [4]. A new form of global communication has been introduced in CMC which is similar 
to that in Milner’s CCS. Ambient’s name has been tagged with the set of ports which are functioning as 
a restriction on global communication, specified af fhe level of ambienfs. A labelled fransifion sysfem 
semanfics has been developed, where P ^ Q represenfs nol only a binary communicafion of processes 
as in CCS buf also fhe ambienfs’ mobilify sfeps by means of fheir in ns and out ub capabilifies. This has 
been achieved by addifional labels and specialised fransifions from processes fo fhe so-called oufcomes 
which are eifher processes or concretions. 

Recenfly, a number of varianfs of MA have been infroduced. Boxed Ambients (BA) ||2l inherifs 
mobilify primitives, namely fhe in and out capabilities from Mobile Ambienfs and infroduce a direcf 
communicafion mefhod befween parenf and child. Channel Ambient calculus (CA) ifT^ is a varianf of 
Boxed Ambienfs. In CA, channels are defined as a firsf class objecfs and fhe communicafion is eifher 
befween parenf and child or befween siblings. To fhe besf of our knowledge, fhe ambienf calculi do nol 
supporl a direcf inleraclion of an agenl wilh a subagenl inside anolher agenl. Communication can only 
happen befween fhe Iwo adjacenl agenls, namely communication befween parenf and child or befween 
siblings. CMC has infroduced a new form of global communication by defining ambienfs as mA[P], 
where m is fhe name of fhe ambienf, A is fhe sel of porls lhaf ni is allowed fo communicale on, and P is 
an executing agenf. 

Poslad in ll20l addressed a number of Iheorelical concepls in fhe conlexl of ubiquilous compuling. 
In ubiquilous compuling selling compulations could be mobile and conlexl-aware as, for example, in 
iniisi- Saloh has researched spatial organisation of sysfems UTll |23l and concluded lhaf fechnolog- 
ical advancemenls have enabled computing devices fo become aware of fheir surroundings. Location- 
awareness has fumed oul fo be useful in many applicalions, in parlicular, in determining posifion, nav- 
igalion, fracking, and monitoring of ubiquilous computing devices. The nofion of bigraph has been 
infroduced by Milner in ifT^ wilh fhe idea of presenfing fwo independenl slrucfures on fhe same sel of 
nodes. A bigraph is a mafhemalical struclure consisting of a place graph and a link graph wilh common 
nodes. Process calculi and behavioural equivalences have led to an approach in bigraph Iheory somewhal 
differenl from fhe well-known Iradifion of graph rewriting ifTSl . Leonhardl f91 classified location mod¬ 
els info geomelric and symbolic models. In geomelric models locafions are represenled as coordinafes 
sysfems, whereas symbolic localion models use fhe notion of place and labelling fhe locafions. We use 
fhe nofion of place to model localion, and represenl fhe slruclure of our sysfem by a hierarchical space 
free. The nodes represenl fhe places, objecfs or compuling devices, whereas fhe edges represenl fhe con- 
fainmenl relations befween objecfs. Each node or objecl is represented by named ambienf, which may 
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contain nested ambients inside, as in 14]. 

A Calculus of Context Aware Ambients (CCA) fS] describes the context-awareness requirements of 
the mobile systems. It introduces the notion of context expression that constraints the capabilities. We 
also add a context-awareness mechanism to our calculus by introducing two capabilities to it. The new 
capability ploc(x).P allows an ambient to acquire the name of its parent and pass it as x to P, whereas 
sloc(x).P enquires the sibling’s name of an ambient. Conversation Calculus 1251 131 is designed for ex¬ 
pressing and analysing service based systems. It proposes a spatial communication topology where 
conversation contexts are used as message exchange patterns. The construct here(x) that allows access to 
the conversation medium in Conversation Calculus is similar to the ploc(x) and sloc(x) capabilities of our 
calculus. These capabilities are not precisely used for only communication, whereas in Conversation Cal¬ 
culus conversation contexts are proposed as communication medium that controls information sharing 
among processes. Sessions [8] introduce a communication context among various partners to exchange 
messages based on previously agreed scheme, and sessions of specific patterns are introduced to ex¬ 
press communication primitives. In CMC, we have modelled physical contexts and have intuitively used 
ambients to represent the structures. The systematic addition of context-awareness primitives smoothly 
increases the expressiveness power of the calculus. 

In past few years, several operational semantics have been developed for MA and its variants as, for 
example, in lITOl [T^ fTTl . The authors in ifTOl introduce a labelled transition system based operational 
semantics, and a labelled bisimulation equivalence which is proved to coincide with reduction barbed 
congruence. We also develop a labelled transition semantics and prove that the semantics coincides with 
the standard reduction semantics. Our labelled transition semantics is inspired by that in ifTOl . The main 
difference is that we do not use the co-capabilities, hence preserving the standard MA semantics. We 
have defined barbed bisimulation and congruence, and capability barbed bisimulation and congruence 
and have showed that the respective congruence relations of the two forms of barbs coincide. The notion 
of behavioural equivalence and the proof method for establishing the equivalence is inspired by that in 
ifTOll . The authors in ifTOll . use co-actions and passwords that help them in proving their results, whereas 
the use of global communication in CMC is fundamental in proving the results. The expressiveness and 
usefulness of the calculus has been illustrated by presenting intelligent hospital and interactive shopping 
mall case studies, where the relevant constructs are used to model various features of the calculus. 
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A SOS Rules for communication 


(Input) 


aiz).P P{v/z} 


(vGV) 


(Res-Act) 


P 3, p' 


{va)P 4 {va)P' 


(Par-Corn) 
(Rel) 


/■"-itV 




FI e 4 p' 12' 


P ^ P' 


P[f] P'[f] 


(Struct) 


P^Q Q^Q' Q'^P' 

P \ P' 


(Output) 


■(a^fn{a)) (Sum)- 


a{x).P P 
P ^ P' 


P + Q^P' 

P ^ P' 
(Par-Act) a - 


P\Q^P'\Q 


(Const) 


P 3, p’ 
A ^ P’ 


(A^P) 



